Please amend claims 82, 84, 88, 89, 96, 98, 99, 102, and 103 to reflect the revised 
claims below. For the Examiner's convenience, and in compliance with 37 CFR § 1.121, 
a marked up version of the amended claims is attached to this response as appendix A. 

82. (Amended) A method of conducting an electronic transaction using an 
electronic card having a public key of a service provider, comprising: 

formatting a key exchange request message at a member, the key 
exchange request message having a public key of the member, and at least a portion of 
the key exchange request message being encrypted using the service provider's public 
key from the electronic card; 

sending the key exchange request message from the member to the service 

provider; 

generating a session key at the service provider in response to the key 
exchange request message; 

formatting a key exchange response message including the session key at 
the service provider; 

sending the key exchange response message from the service provider to 
the member; and 

using the session key to complete the transaction. 

84. (Amended) The method of claim 82 or 83 wherein the use of the session 
key to complete the transaction comprises: 

formatting by the member a transaction request message using the session 
key, the transaction request message including a digital signature of the member, and 
sending the transaction request message to the service provider; and 

formatting at the service provider, a transaction response message for the 
member using the session key, the transaction response including a digital signature of 
the service provider, and sending the transaction response message to the member. 

88. (Amended) The method of claim 84 wherein the transaction request 
message comprises the response to the service provider challenge. 



LAS99 1290197-2.064808.0011 



2 



89. (Amended) The method of claim 84 wherein the transaction response 
message includes data encrypted with the session key. 

96. (Amended) A method of conducting an electronic transaction using an 
electronic card having a public key of a service provider, comprising: 
generating a member challenge by a member; 

encrypting by the member the member challenge using the service 
provider's public key from the electronic card to generate a first cryptogram; 

formatting by the member a key exchange request message including the 
first cryptogram and a public key of the member; 

signing digitally by the member the key exchange request message; 

sending the digitally signed key exchange request message to the service 

provider; 

generating by the service provider a service provider challenge; 
generating by the service provider a session key; 

encrypting by the service provider the service provider challenge and the 
session key using the member's public key to generate a second cryptogram; 

formatting by the service provider a key exchange response message 
including the second cryptogram and a response to the member challenge; 

signing digitally by the service provider the key exchange response 

message; 

sending, the digitally signed key exchange response message to the 

member; 

encrypting by the member a member response for the service provider 
challenge using the session key to generate a third cryptogram; 

attaching the third cryptogram to a transaction message going from the 
member to the service provider; 

signing digitally by the member the transaction message going from the 
member to the service provider; and 

sending the transaction message from the member to the service provider. 
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98. (Amended) The method of claim 96 wherein the key exchange request 
message comprises the member's public key encrypted with the service provider's public 
key. 

99. (Amended) The method of claim 96 wherein the generation of the second 
cryptogram further comprises encrypting the member challenge response as part of the 
second cryptogram. 

102. (Amended) The method of claim 101 further comprising using the 
transaction identifier with a second transaction message following the transaction 
message and going from the member to the service provider. 

103. (Amended) A method of communication using an electronic card having a 
public key of a service provider, comprising: 

formatting a first key exchange request message at a first member, the first 
key exchange request message having a public key of the first member, and at least a 
portion of the first key exchange request message being encrypted using the service 
provider's public key from the electronic card; 

sending the first key exchange request message from the first member to a 
second member; 

combining at a second member, a second member key exchange request 
message with the first member's key exchange request message and sending the 
combined key exchange request message, signed by the second member, to a service 
provider; 

generating a first session key at the service provider in response to the first 
key exchange request message; 

generating a second session key at the service provider in response to the 
second key exchange request message; 

formatting a key exchange response message at the service provider 
including a first session key for the first member, signing the response message, 
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